package com.kfm.ajax.interceptor;

import com.kfm.ajax.model.UserModelDTO;
import com.kfm.ajax.util.Constant;
import org.springframework.stereotype.Component;
import org.springframework.web.servlet.HandlerInterceptor;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@Component
public class PromisserInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        /*
        * 1. 获取请求路径
        * 2. 判断是否有权限
         */
        System.out.println("进入拦截器, " + request.getRequestURI());

        Object attribute = request.getSession().getAttribute(Constant.LOGIN_USER);

        if (attribute != null){
            UserModelDTO userModelDTO = (UserModelDTO) attribute;

            // 获取请求路径
            String requestURI = request.getRequestURI();
            // 判断是否有权限 userModelDTO.getPromissionList() （ArrayList::contains）
            if (userModelDTO.getPromissionList().contains(requestURI)){
                return true;
            } else {
                response.sendRedirect("/403");
            }
        }
        return false;
    }
}
